Obama Seeks to Speed EMV Adoption

To help speed the adoption of EMV cards in the wake of recent payment card breaches at retailers, President Obama has signed an executive order directing government agencies to shift to the use of chip-and-PIN cards for use by staff as well as in consumer benefits programs, including Social Security.

At an appearance Oct. 17 at the federal Consumer Financial Protection Bureau, Obama also announced that the White House will host later this year a cybersecurity and consumer protection summit, bringing together cabinet members and key stakeholders in the consumer financial sector to share best practices, promote adherence to stronger security standards, and discuss next generation technologies.

Obama also is calling on Congress to enact a national data breach notification law, saying the current patchwork of state laws is unsustainable and helps no one. "Today we are calling on Congress to act with urgency on data breach legislation, to bring clarity to the expectations consumers should have when their data has been breached, and to steps companies must take to notify their customers of risks after such security breaches," the president says.

President Obama discusses the impact of online fraud on American citizens.

"We are also calling on Congress to pass meaningful cybersecurity legislation that will help the government better protect federal networks and legislation that appropriately balances the need for greater information sharing and strong protection for privacy and civil liberties - respecting the longstanding responsibilities of civilian and military agencies," Obama says.

The Reaction

Sandy Kennedy, president of the Retail Industry Leaders Association, says the president's announcement about the use of EMV cards at government agencies should serve as a catalyst for chip-and-PIN adoption in the U.S.

"The antiquated card security system in place today in the U.S. makes it far too easy for criminals to commit card fraud," Kennedy says. "Retailers are dedicated to protecting consumers and believe that chip-and-PIN technology will better shield U.S. consumers from fraud, just as it has done for consumers elsewhere around the world."

The American Bankers Association says the president's announcement is timely.

"Banks, payment networks and retailers are working together to make chip cards and readers widely available in advance of the October 2015 implementation deadline," says ABA President and CEO Frank Keating. "Banks invest hundreds of millions of dollars every year to put in place multiple layers of security to detect fraud before it occurs and effectively stop criminals in their tracks. We look forward to working with the White House, Treasury, Commerce and Homeland Security to share our best practices and new technologies that will aid in the fight against fraud."

But the Consumer Bankers Association, while supportive of the President's initiative, voiced caution about misguided expectations for EMV and the overall security of chip-and-PIN card technology.

"While chip-based technology is important, it's not a total solution to the issue of data security," says Richard Hunt, CBA's president and CEO. "Many financial institutions and retailers already have a plan in place to adopt its use - in addition to our own industry's stringent federal data security requirements. Other technologies are emerging to address online and mobile payments fraud, such as tokenization, which is being spearheaded by financial institutions and card networks in their effort to protect consumers."

Hunt says protecting consumer data is a "shared responsibility," and that merchants must have the same tough data security standards as financial institutions to truly stop hackers from compromising card data.

BuySecure Initiative

The use of the EMV chip-and-PIN cards is part of a new White House program called BuySecure Initiative, which the administration says will help drive the market toward more secure payment systems.

Among the companies joining the initiative to improve transaction security are Home Depot, Target, Walgreens and Walmart. The White House says those companies will roll out secure chip-and-PIN-compatible card terminals in all their stores, most by January 2015.

Also in January, the White House says, American Express will start a new program to support small businesses upgrading their point-of-sale terminals to more secure standards. Visa will launch a new program to educate consumers and merchants on chip cards and other secure technologies, sending experts to 20 cities in a national public service campaign, according to the White House.

In his remarks, the president also announced new steps by the government to assist victims of identity theft. An executive order directs the Federal Trade Commission to develop a new one-stop resource for victims, at IdentityTheft.gov, to streamline the reporting and remediation process with credit bureaus.

The executive order also directs expanded information sharing, with federal investigators regularly reporting evidence of stolen financial and other information to companies whose customers are directly affected.

The White House also says MasterCard will provide its customers with free identity theft monitoring and resolution support. The administration also says Citicorp, in partnership with FICO, will make credit scores available for free to all its consumer card customers, with monthly updates available online.

Operation Success!

Risk Management Framework: Learn from NIST

From heightened risks to increased regulations, senior leaders at all levels are pressured to
improve their organizations' risk management capabilities. But no one is showing them how -
until now.

Learn the fundamentals of developing a risk management program from the man who wrote the book
on the topic: Ron Ross, computer scientist for the National Institute of Standards and
Technology. In an exclusive presentation, Ross, lead author of NIST Special Publication 800-37
- the bible of risk assessment and management - will share his unique insights on how to:

Understand the current cyber threats to all public and private sector organizations;

Develop a multi-tiered risk management approach built upon governance, processes and
information systems;

Enter your email address to reset your password

Already have anISMG account?

Forgot Your Password Message:

Contact Us

Already have anISMG account?

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.